k2hr3-api 1.0.42 → 2.0.1

package/dist/src/lib/k2hr3extdata.js

@@ -0,0 +1,198 @@
+"use strict";
+/*
+ * K2HR3 REST API
+ *
+ * Copyright 2018 Yahoo Japan Corporation.
+ *
+ * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
+ * common management information for the cloud.
+ * K2HR3 can dynamically manage information as "who", "what", "operate".
+ * These are stored as roles, resources, policies in K2hdkc, and the
+ * client system can dynamically read and modify these information.
+ *
+ * For the full copyright and license information, please view
+ * the license file that was distributed with this source code.
+ *
+ * AUTHOR:   Takeshi Nakatani
+ * CREATE:   Tue May 13 2020
+ * REVISION:
+ *
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const k2hr3apiutil_1 = __importDefault(require("./k2hr3apiutil"));
+const k2hr3cryptutil_1 = __importDefault(require("./k2hr3cryptutil"));
+const dbglogging_1 = __importDefault(require("./dbglogging"));
+const k2hr3keys_1 = require("./k2hr3keys");
+const k2hr3config_1 = require("./k2hr3config");
+const apiConf = new k2hr3config_1.r3ApiConfig();
+//---------------------------------------------------------
+// load userdata templates from config directory
+//---------------------------------------------------------
+const LoadedExtdataObjs = (() => {
+    const extdataobjs = {
+        configs: {},
+        cryptconfig: null,
+        kw_role_name: /{{= %K2HR3_ROLE_NAME% }}/g, // Role YRN full path
+        kw_role_tenant: /{{= %K2HR3_ROLE_TENANT% }}/g, // Tenant YRN full path
+        kw_role_token: /{{= %K2HR3_ROLE_TOKEN% }}/g, // Role Token
+        kw_api_uri: /{{= %K2HR3_API_HOST_URI% }}/g, // K2HR3 API server URI(ex. https://localhost:3000)
+        kw_err_msg: /{{= %K2HR3_ERROR_MSG% }}/g // Error message string when something error occured
+    };
+    if (0 < apiConf.getExtdataConfigCount()) {
+        extdataobjs.configs = apiConf.getAllExtdataConfig();
+        Object.keys(extdataobjs.configs).forEach(key => {
+            if (k2hr3apiutil_1.default.isPlainObject(extdataobjs.configs[key]) && k2hr3apiutil_1.default.isSafeString(extdataobjs.configs[key].template)) {
+                extdataobjs.configs[key].contents = k2hr3apiutil_1.default.readFileContents(extdataobjs.configs[key].template);
+            }
+        });
+    }
+    extdataobjs.cryptconfig = apiConf.getUserdataCryptConfig();
+    return extdataobjs;
+})();
+//---------------------------------------------------------
+// Userdata Processing Class
+//---------------------------------------------------------
+class ExtdataProcess {
+    _extdataObjs;
+    //
+    // Constructor
+    //
+    constructor() {
+        this._extdataObjs = LoadedExtdataObjs;
+    }
+    //
+    // Methods
+    //
+    checkSuburi = (key) => {
+        if (!k2hr3apiutil_1.default.isSafeString(key)) {
+            dbglogging_1.default.elog('key parameter is empty.');
+            return false;
+        }
+        return k2hr3apiutil_1.default.isSafeEntity(this._extdataObjs.configs[key]);
+    };
+    checkUserAgent = (agent, key) => {
+        if (!k2hr3apiutil_1.default.isSafeString(agent)) {
+            dbglogging_1.default.elog('agent and key parameters are empty.');
+            return false;
+        }
+        if (!k2hr3apiutil_1.default.isSafeEntity(this._extdataObjs.configs[key])) {
+            dbglogging_1.default.elog('unkown key(suburi): ' + JSON.stringify(key));
+            return false;
+        }
+        if (!k2hr3apiutil_1.default.isSafeString(this._extdataObjs.configs[key].useragent)) {
+            // allow any useragent
+            return true;
+        }
+        return k2hr3apiutil_1.default.compareCaseString(agent, this._extdataObjs.configs[key].useragent);
+    };
+    getContentType = (key) => {
+        if (!k2hr3apiutil_1.default.isSafeEntity(this._extdataObjs.configs[key])) {
+            dbglogging_1.default.elog('unkown key(suburi): ' + JSON.stringify(key));
+            return null;
+        }
+        if (!k2hr3apiutil_1.default.isSafeString(this._extdataObjs.configs[key].contenttype)) {
+            return 'text/plain';
+        }
+        return k2hr3apiutil_1.default.getSafeString(this._extdataObjs.configs[key].contenttype);
+    };
+    // [NOTE]
+    // For the encryption of Role information, the passphrase and the
+    // algorithm set in userdata are used in common.
+    // Therefore, Extdata-only encryption is not required, and the
+    // composite uses the configuratino information of userdata.
+    //
+    decryptRoleInfo = (str) => {
+        if (!k2hr3apiutil_1.default.isSafeString(str)) {
+            dbglogging_1.default.elog('string parameter is empty.');
+            return null;
+        }
+        if (!k2hr3apiutil_1.default.isSafeEntity(this._extdataObjs.cryptconfig)) {
+            dbglogging_1.default.elog('cryptconfig data is empty.');
+            return null;
+        }
+        const rawData = k2hr3cryptutil_1.default.r3DecryptJSON(str, this._extdataObjs.cryptconfig.passphrase, this._extdataObjs.cryptconfig.algorithm);
+        if (!k2hr3apiutil_1.default.isValTypeRoleInfo(rawData)) {
+            return null;
+        }
+        return rawData;
+    };
+    getExtdata = (roleobj, key) => {
+        let rolename = '';
+        let roletenant = '';
+        let roletoken = '';
+        let contents = '';
+        let baseuri = '';
+        let errorMsg = '';
+        if (!k2hr3apiutil_1.default.isSafeEntity(roleobj)) {
+            dbglogging_1.default.elog('role object(role name, role token) parameter is empty.');
+            errorMsg = 'k2hr3 role information is wrong';
+        }
+        else if (!k2hr3apiutil_1.default.isSafeString(roleobj.role)) {
+            dbglogging_1.default.elog('role name parameter is empty.');
+            errorMsg = 'k2hr3 role name is empty';
+        }
+        else if (!k2hr3apiutil_1.default.isSafeString(roleobj.token)) {
+            dbglogging_1.default.elog('role token parameter is empty.');
+            errorMsg = 'k2hr3 role token is empty';
+        }
+        else {
+            rolename = k2hr3apiutil_1.default.getSafeString(roleobj.role);
+            roletoken = k2hr3apiutil_1.default.getSafeString(roleobj.token);
+            // Extract tenant yrn full path from role yrn full path
+            const keys = (0, k2hr3keys_1.getK2hr3Keys)();
+            const roleptn = new RegExp('^' + keys.MATCH_ANY_TENANT_ROLE); // regex = /^yrn:yahoo:(.*)::(.*):role:(.*)/
+            const matches = rolename.match(roleptn);
+            if (k2hr3apiutil_1.default.isNotEmptyArray(matches) && 4 <= matches.length && k2hr3apiutil_1.default.isSafeString(matches[2])) {
+                roletenant = keys.NO_SERVICE_KEY + k2hr3apiutil_1.default.getSafeString(matches[1]) + '::' + k2hr3apiutil_1.default.getSafeString(matches[2]);
+            }
+        }
+        if (k2hr3apiutil_1.default.isSafeEntity(this._extdataObjs.configs[key])) {
+            const config = this._extdataObjs.configs[key];
+            if (k2hr3apiutil_1.default.isPlainObject(config)) {
+                if (k2hr3apiutil_1.default.isSafeString(config.contents)) {
+                    contents = config.contents;
+                }
+                if (k2hr3apiutil_1.default.isSafeString(config.baseuri)) {
+                    baseuri = config.baseuri;
+                }
+            }
+        }
+        //-----------------
+        // expands templates
+        //-----------------
+        let result = null;
+        if (k2hr3apiutil_1.default.isSafeString(contents)) {
+            result = contents
+                .replace(this._extdataObjs.kw_role_name, rolename)
+                .replace(this._extdataObjs.kw_role_tenant, roletenant)
+                .replace(this._extdataObjs.kw_role_token, roletoken)
+                .replace(this._extdataObjs.kw_api_uri, baseuri)
+                .replace(this._extdataObjs.kw_err_msg, errorMsg);
+        }
+        return result;
+    };
+    getGzipExtdata = (roleobj, key) => {
+        // get expanded data
+        const expanded = this.getExtdata(roleobj, key);
+        return (k2hr3cryptutil_1.default.r3Gzip(expanded) ?? null);
+    };
+}
+//---------------------------------------------------------
+// Exports
+//---------------------------------------------------------
+//
+// Class
+//
+const extdataProcess = ExtdataProcess;
+exports.default = extdataProcess;
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noexpandtab sw=4 ts=4 fdm=marker
+ * vim<600: noexpandtab sw=4 ts=4
+ */

package/dist/src/lib/k2hr3keys.js

@@ -0,0 +1,207 @@
+"use strict";
+/*
+ * K2HR3 REST API
+ *
+ * Copyright 2017 Yahoo Japan Corporation.
+ *
+ * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
+ * common management information for the cloud.
+ * K2HR3 can dynamically manage information as "who", "what", "operate".
+ * These are stored as roles, resources, policies in K2hdkc, and the
+ * client system can dynamically read and modify these information.
+ *
+ * For the full copyright and license information, please view
+ * the license file that was distributed with this source code.
+ *
+ * AUTHOR:   Takeshi Nakatani
+ * CREATE:   Wed Jun 8 2017
+ * REVISION:
+ *
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getK2hr3Keys = void 0;
+const k2hr3apiutil_1 = __importDefault(require("./k2hr3apiutil"));
+const getK2hr3Keys = (user, tenant, service) => {
+    const keywords = {
+        // common types
+        'TYPE_ROLE': 'role',
+        'TYPE_RESOURCE': 'resource',
+        'TYPE_POLICY': 'policy',
+        'TYPE_SERVICE': 'service', // Using in list API
+        // common values
+        'VALUE_WILDCARD': '*',
+        'VALUE_TRUE': 'true',
+        'VALUE_FALSE': 'false',
+        'VALUE_ENABLE': 'enable',
+        'VALUE_DISABLE': 'disable',
+        'VALUE_ALLOW': 'allow',
+        'VALUE_DENY': 'deny',
+        'VALUE_READ': 'read',
+        'VALUE_WRITE': 'write',
+        'VALUE_ANY_PORT': '*',
+        'VALUE_HOST_SEP': ' ',
+        'VALUE_HOST_REGSEP': ':',
+        'VALUE_HOST_DETAILSEP': ',',
+        'VALUE_ANYDATA_TYPE': 'anytype',
+        'VALUE_STRING_TYPE': 'string',
+        'VALUE_OBJECT_TYPE': 'object',
+        'VALUE_KEYS_TYPE': 'keys',
+        'VALUE_ALIAS_TYPE': 'aliases',
+        'VALUE_EXPIRE_TYPE': 'expire',
+        'VALUE_POLICIES_TYPE': 'policies',
+        'VALUE_HOSTS_TYPE': 'hosts',
+        'VALUE_HOSTNAMES_TYPE': 'hostnames',
+        'VALUE_IPS_TYPE': 'ips',
+        'VALUE_KEYSTONE_NORMAL': 'kstype_normal',
+        'VALUE_KEYSTONE_NOPASS': 'kstype_nopasswd',
+        'VALUE_KEYSTONE_SUB': 'kstype_substitute',
+        'VALUE_OPENSTACK_V1': 'openstack-auto-v1', // used/set from k2hr3-init.sh
+        'VALUE_K8S_V1': 'k8s-auto-v1', // used/set from k2hr3-kube-init.sh
+        'VALUE_PREFIX_LOCAL_TENANT': 'local@',
+        // common keywords( part of keyname )
+        'POLICIES_KW': 'policies',
+        'SERVICE_KW': 'service',
+        'HOSTS_KW': 'hosts',
+        'HOSTS_NAME_KW': 'name',
+        'HOSTS_IP_KW': 'ip',
+        'KEYS_KW': 'keys',
+        'TYPE_KW': 'type',
+        'EXPIRE_KW': 'expire',
+        'EFFECT_KW': 'effect',
+        'ACTION_KW': 'action',
+        'RESOURCE_KW': 'resource',
+        'CONDITION_KW': 'condition',
+        'REFERENCE_KW': 'reference',
+        'ID_KW': 'id',
+        'ALIAS_KW': '@',
+        'URL_KW': 'url',
+        'STATUS_KW': 'status',
+        'DATE_KW': 'date',
+        'SEED_KW': 'seed',
+        'ROLE_TOKEN_KW': 'tokens',
+        // ACR keywords
+        'ACR_POLICY_KW': 'acr-policy',
+        'ACR_ROLE_KW': 'acr-role',
+        'ACR_RESOURCE_NAME_KEY': 'name',
+        'ACR_RESOURCE_EXPIRE_KEY': 'expire',
+        'ACR_RESOURCE_TYPE_KEY': 'type',
+        'ACR_RESOURCE_DATA_KEY': 'data',
+        'ACR_RESOURCE_KEYS_KEY': 'keys',
+        // kubernetes cuk keywords
+        'K8S_HOST_INCUK_KEY': 'host',
+        'K8S_NAMESPACE_INCUK_KEY': 'k8s_namespace',
+        'K8S_SA_INCUK_KEY': 'k8s_service_account',
+        'K8S_NODENAME_INCUK_KEY': 'k8s_node_name',
+        'K8S_NODEIP_INCUK_KEY': 'k8s_node_ip',
+        'K8S_PODNAME_INCUK_KEY': 'k8s_pod_name',
+        'K8S_PODID_INCUK_KEY': 'k8s_pod_id',
+        'K8S_PODIP_INCUK_KEY': 'k8s_pod_ip',
+        'K8S_CONTAINERID_INCUK_KEY': 'k8s_container_id',
+        'K8S_RAND_INCUK_KEY': 'k8s_k2hr3_rand',
+        // common key names
+        'YRN_KEY': 'yrn',
+        'DOMAIN_KEY': 'yrn:yahoo',
+        'NO_SERVICE_KEY': 'yrn:yahoo:',
+        'NO_SERVICE_REGION_KEY': 'yrn:yahoo::',
+        'NO_SERVICE_TENANT_KEY': 'yrn:yahoo:::',
+        'USER_TOP_KEY': 'yrn:yahoo::::user',
+        'TOKEN_TOP_KEY': 'yrn:yahoo::::token',
+        'TOKEN_USER_TOP_KEY': 'yrn:yahoo::::token:user',
+        'TOKEN_ROLE_TOP_KEY': 'yrn:yahoo::::token:role',
+        'ACTION_TOP_KEY': 'yrn:yahoo::::action',
+        'ACTION_READ_KEY': 'yrn:yahoo::::action:read',
+        'ACTION_WRITE_KEY': 'yrn:yahoo::::action:write',
+        'KEYSTONE_TOP_KEY': 'yrn:yahoo::::keystone',
+        'IAAS_TOP_KEY': 'yrn:yahoo::::iaas',
+        'IAAS_OS_TOP_KEY': 'yrn:yahoo::::iaas:openstack',
+        'IAAS_K8S_TOP_KEY': 'yrn:yahoo::::iaas:k8s',
+        'MASTER_SERVICE_TOP_KEY': 'yrn:yahoo::::service',
+        'ANYTENANT_SERVICE_TOP_KEY': 'yrn:yahoo::::service:',
+        'ANYTENANT_SERVICE_KEY': 'yrn:yahoo::::service::anytenant',
+        // match regex
+        'MATCH_ANY_SERVICE_MASTER': 'yrn:yahoo::::service:(.*)',
+        'MATCH_ANY_IAAS': 'yrn:yahoo::::iaas:(.*)',
+        'MATCH_ANY_IAAS_OS': 'yrn:yahoo::::iaas:openstack:(.*)',
+        'MATCH_ANY_IAAS_K8S': 'yrn:yahoo::::iaas:k8s:(.*)',
+        'MATCH_ANY_SERVICE_TENANT': 'yrn:yahoo:(.*)::(.*):(.*)',
+        'MATCH_ANY_TENANT_MAIN': 'yrn:yahoo:(.*)::(.*)',
+        'MATCH_ANY_TENANT_ROLE': 'yrn:yahoo:(.*)::(.*):role:(.*)',
+        'MATCH_ANY_TENANT_POLICY': 'yrn:yahoo:(.*)::(.*):policy:(.*)',
+        'MATCH_ANY_TENANT_RESOURCE': 'yrn:yahoo:(.*)::(.*):resource:(.*)',
+        'MATCH_ANY_TENANT_RES_DATA': 'yrn:yahoo:(.*)::(.*):resource:(.*)', // end of resource name
+        'MATCH_NOT_TENANT_RES_DATA': '( |\t|\r|\n|:)', // not match resource data key name
+        'MATCH_ANY_TENANT_RES_KEY': 'yrn:yahoo:(.*)::(.*):resource:(.*)/keys/(.*)', // end of resource name/keys/<keyname>
+        'MATCH_ANY_HOSTNAME_PORT': 'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/name/(.*) (.*) (.*)',
+        'MATCH_ANY_HOSTNAME_KEYS': 'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/name',
+        'MATCH_ANY_IP_PORT': 'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/ip/(.*) (.*) (.*)',
+        'MATCH_ANY_IP_KEYS': 'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/ip',
+        'MATCH_ANY_ALLHOST_KEYS': 'yrn:yahoo:(.*)::(.*):role:(.*)/hosts/all', // This is only used in template variable names, not key name
+        'MATCH_ANY_KS_REGION': 'yrn:yahoo::::keystone:(.*)',
+        'MATCH_ANY_USER_TOKEN': 'yrn:yahoo::::user:(.*):tenant/(.*)/token/(.*)',
+        'MATCH_ANY_ROLE_TOKEN': 'yrn:yahoo::::token:role/(.*)',
+        'MATCH_URI_GET_ROLE_DATA': '^/v1/role/(.*)',
+        'MATCH_URI_GET_RTOKEN': '^/v1/role/token/(.*)',
+        'MATCH_URI_GET_RTOKEN_LIST': '^/v1/role/token/list/(.*)'
+    };
+    const _user = k2hr3apiutil_1.default.getSafeString(user).toLowerCase();
+    const _tenant = k2hr3apiutil_1.default.getSafeString(tenant).toLowerCase();
+    const _service = k2hr3apiutil_1.default.getSafeString(service).toLowerCase();
+    keywords.SERVICE_TOP_KEY = keywords.NO_SERVICE_KEY + _service; // "yrn:yahoo:<service>"
+    keywords.SERVICE_NO_REGION_KEY = keywords.SERVICE_TOP_KEY + ':'; // "yrn:yahoo:<service>:"
+    if (k2hr3apiutil_1.default.isSafeString(_service)) {
+        keywords.MASTER_SERVICE_KEY = keywords.MASTER_SERVICE_TOP_KEY + ':' + _service; // "yrn:yahoo::::service:<service>"
+        keywords.SERVICE_OWNER_KEY = keywords.MASTER_SERVICE_KEY + ':owner'; // "yrn:yahoo::::service:<service>:owner"
+        keywords.SERVICE_TENANT_KEY = keywords.MASTER_SERVICE_KEY + ':tenant'; // "yrn:yahoo::::service:<service>:tenant"
+        keywords.SERVICE_VERIFY_TENANT_KEY = keywords.MASTER_SERVICE_KEY + ':verify'; // "yrn:yahoo::::service:<service>:verify"
+    }
+    if (k2hr3apiutil_1.default.isSafeString(_tenant)) {
+        // tenant key with service(allowed null)
+        keywords.TENANT_TOP_KEY = keywords.SERVICE_NO_REGION_KEY + ':' + _tenant; // "yrn:yahoo:<service>::<tenant>"
+        // tenant master key(service is null)
+        keywords.MASTER_TENANT_TOP_KEY = keywords.NO_SERVICE_REGION_KEY + ':' + _tenant; // "yrn:yahoo:::<tenant>"
+        // tenant description keys(service is null)
+        keywords.TENANT_ID_KEY = keywords.MASTER_TENANT_TOP_KEY + ':id'; // "yrn:yahoo:::<tenant>:id"
+        keywords.TENANT_DESC_KEY = keywords.MASTER_TENANT_TOP_KEY + ':desc'; // "yrn:yahoo:::<tenant>:desc"
+        keywords.TENANT_DISP_KEY = keywords.MASTER_TENANT_TOP_KEY + ':display'; // "yrn:yahoo:::<tenant>:display"
+        keywords.TENANT_USER_KEY = keywords.MASTER_TENANT_TOP_KEY + ':user'; // "yrn:yahoo:::<tenant>:user"
+        keywords.TENANT_SERVICE_KEY = keywords.MASTER_TENANT_TOP_KEY + ':service'; // "yrn:yahoo:::<tenant>:service"
+        // role, resource, policy under tenant with service
+        keywords.ROLE_TOP_KEY = keywords.TENANT_TOP_KEY + ':' + 'role'; // "yrn:yahoo:<service>::<tenant>:role"
+        keywords.POLICY_TOP_KEY = keywords.TENANT_TOP_KEY + ':' + 'policy'; // "yrn:yahoo:<service>::<tenant>:policy"
+        keywords.RESOURCE_TOP_KEY = keywords.TENANT_TOP_KEY + ':' + 'resource'; // "yrn:yahoo:<service>::<tenant>:resource"
+    }
+    if (k2hr3apiutil_1.default.isSafeString(_user)) {
+        keywords.USER_KEY = keywords.USER_TOP_KEY + ':' + _user; // "yrn:yahoo::::user:<user>"
+        keywords.USER_ID_KEY = keywords.USER_KEY + ':id'; // "yrn:yahoo::::user:<user>:id"
+        keywords.USER_TENANT_TOP_KEY = keywords.USER_KEY + ':tenant'; // "yrn:yahoo::::user:<user>:tenant"
+        keywords.USER_TENANT_COMMON_KEY = keywords.USER_TENANT_TOP_KEY + '/'; // "yrn:yahoo::::user:<user>:tenant/"
+        keywords.USER_TENANT_UNSCOPE_TOKEN_KEY = keywords.USER_TENANT_COMMON_KEY + '/token'; // "yrn:yahoo::::user:<user>:tenant//token"
+        if (k2hr3apiutil_1.default.isSafeString(tenant)) {
+            keywords.USER_TENANT_KEY = keywords.USER_TENANT_COMMON_KEY + _tenant; // "yrn:yahoo::::user:<user>:tenant/<tenant>"
+            keywords.USER_TENANT_SCOPE_TOKEN_KEY = keywords.USER_TENANT_KEY + '/token'; // "yrn:yahoo::::user:<user>:tenant/<tenant>/token"
+            // ambiguous key whether tenant exists or not
+            keywords.USER_TENANT_AMBIGUOUS_KEY = keywords.USER_TENANT_KEY; // "yrn:yahoo::::user:<user>:tenant/<tenant>"
+            keywords.USER_TENANT_AMBIGUOUS_TOKEN_KEY = keywords.USER_TENANT_SCOPE_TOKEN_KEY; // "yrn:yahoo::::user:<user>:tenant/<tenant>/token"
+        }
+        else {
+            keywords.USER_TENANT_KEY = ''; // ""
+            keywords.USER_TENANT_SCOPE_TOKEN_KEY = ''; // ""
+            // ambiguous key whether tenant exists or not
+            keywords.USER_TENANT_AMBIGUOUS_KEY = keywords.USER_TENANT_COMMON_KEY; // "yrn:yahoo::::user:<user>:tenant/"
+            keywords.USER_TENANT_AMBIGUOUS_TOKEN_KEY = keywords.USER_TENANT_UNSCOPE_TOKEN_KEY; // "yrn:yahoo::::user:<user>:tenant//token"
+        }
+    }
+    return keywords;
+};
+exports.getK2hr3Keys = getK2hr3Keys;
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noexpandtab sw=4 ts=4 fdm=marker
+ * vim<600: noexpandtab sw=4 ts=4
+ */

package/dist/src/lib/k2hr3resutil.js

@@ -0,0 +1,111 @@
+"use strict";
+/*
+ * K2HR3 REST API
+ *
+ * Copyright 2017 Yahoo Japan Corporation.
+ *
+ * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
+ * common management information for the cloud.
+ * K2HR3 can dynamically manage information as "who", "what", "operate".
+ * These are stored as roles, resources, policies in K2hdkc, and the
+ * client system can dynamically read and modify these information.
+ *
+ * For the full copyright and license information, please view
+ * the license file that was distributed with this source code.
+ *
+ * AUTHOR:   Takeshi Nakatani
+ * CREATE:   Fri Sep 8 2017
+ * REVISION:
+ *
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.k2hr3resutil = void 0;
+const k2hr3apiutil_1 = __importDefault(require("./k2hr3apiutil"));
+//---------------------------------------------------------
+// Functions
+//---------------------------------------------------------
+const rawSendErrorResponse = (req, res, status, msgbody, strType) => {
+    if (!k2hr3apiutil_1.default.isSafeEntity(res) || !k2hr3apiutil_1.default.isSafeEntity(status) || !k2hr3apiutil_1.default.isSafeNumber(status)) {
+        if (!k2hr3apiutil_1.default.isSafeEntity(res)) {
+            // can do nothing
+            return false;
+        }
+        status = 500; // 500: Internal Error
+        msgbody = 'Wrong parameters are got.';
+    }
+    // set response type
+    if (k2hr3apiutil_1.default.isSafeString(strType)) {
+        res.type(strType);
+    }
+    // set response status
+    res.status(status ?? 500);
+    // body message to JSON
+    let jsonbody = '';
+    if (null !== msgbody) {
+        if (k2hr3apiutil_1.default.isString(msgbody)) {
+            if (k2hr3apiutil_1.default.checkSimpleJSON(msgbody)) {
+                jsonbody = msgbody;
+            }
+            else {
+                // msgbody is string, but it is not JSON.
+                jsonbody = JSON.stringify(msgbody);
+            }
+        }
+        else {
+            jsonbody = JSON.stringify(msgbody);
+        }
+    }
+    // set 'x-k2hr3-error' header
+    if (k2hr3apiutil_1.default.isPlainObject(req) &&
+        k2hr3apiutil_1.default.isPlainObject(req.headers)) {
+        const tmpDbgHead = req.headers['x-k2hr3-debug'];
+        if (k2hr3apiutil_1.default.isSafeEntity(tmpDbgHead) &&
+            (k2hr3apiutil_1.default.compareCaseString('ON', k2hr3apiutil_1.default.isArray(tmpDbgHead) ? k2hr3apiutil_1.default.getSafeString(tmpDbgHead[0]) : k2hr3apiutil_1.default.getSafeString(tmpDbgHead)) ||
+                k2hr3apiutil_1.default.compareCaseString('OK', k2hr3apiutil_1.default.isArray(tmpDbgHead) ? k2hr3apiutil_1.default.getSafeString(tmpDbgHead[0]) : k2hr3apiutil_1.default.getSafeString(tmpDbgHead)) ||
+                k2hr3apiutil_1.default.compareCaseString('debug', k2hr3apiutil_1.default.isArray(tmpDbgHead) ? k2hr3apiutil_1.default.getSafeString(tmpDbgHead[0]) : k2hr3apiutil_1.default.getSafeString(tmpDbgHead)) ||
+                k2hr3apiutil_1.default.compareCaseString('dbg', k2hr3apiutil_1.default.isArray(tmpDbgHead) ? k2hr3apiutil_1.default.getSafeString(tmpDbgHead[0]) : k2hr3apiutil_1.default.getSafeString(tmpDbgHead)) ||
+                k2hr3apiutil_1.default.compareCaseString('1', k2hr3apiutil_1.default.isArray(tmpDbgHead) ? k2hr3apiutil_1.default.getSafeString(tmpDbgHead[0]) : k2hr3apiutil_1.default.getSafeString(tmpDbgHead)) ||
+                k2hr3apiutil_1.default.compareCaseString('1', k2hr3apiutil_1.default.isArray(tmpDbgHead) ? k2hr3apiutil_1.default.getSafeString(tmpDbgHead[0]) : k2hr3apiutil_1.default.getSafeString(tmpDbgHead)))) {
+            let errheader;
+            if (k2hr3apiutil_1.default.isSafeString(jsonbody)) {
+                errheader = jsonbody;
+            }
+            else {
+                errheader = JSON.stringify({ status: status });
+            }
+            res.header('x-k2hr3-error', errheader);
+        }
+    }
+    // send body
+    res.send(jsonbody);
+    return true;
+};
+//---------------------------------------------------------
+// Exports
+//---------------------------------------------------------
+exports.k2hr3resutil = {
+    //
+    // <argument>	<default>	<note>
+    //	req						request object
+    //	res						response object
+    //	status					status code for error, must be number
+    //	msgbody		null		response error body if need
+    //	strType		null		response type if need
+    //
+    errResponse: rawSendErrorResponse
+};
+//
+// Default
+//
+exports.default = exports.k2hr3resutil;
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noexpandtab sw=4 ts=4 fdm=marker
+ * vim<600: noexpandtab sw=4 ts=4
+ */